使用SQLCipher与A​​ndroid [英] Using SQLCipher with Android

问题描述

我有previously问过这个问题，并没有得到任何合适的答案。

我发表在Play商店的应用程序，这使得大量使用的SQLite数据库。

现在我需要用SQLCipher来保护数据库。这里有一些问题，我面对。

1）我怎么能无缝集成SQLCipher我现有的未加密的数据库，让自己的应用程序的工作，因为它正常工作，但现在的数据库加密？

（我想在这一个简短的教程）

2）我应该如何检查，如果数据库是加密的，那我该怎么加密呢？我应该这样做只有一次？什么应该是最好的做法是什么？

（可能重​​复不回答这个问题）

3）当我加密我现有的未加密的数据库，做SQLCipher创建一个新的数据库？如果是的话，我应该怎么来管理这个新的？又是怎么回事我的旧的数据库是加密的？是否仍然呆在那里？

（也未提供在重复的问题这个解释）

解决方案

  

我怎么能无缝集成SQLCipher我现有的未加密的数据库，让自己的应用程序的工作，因为它正常工作，但现在的数据库加密？

您不知道。别的不说，你要调整你的UI来询问用户的密码，并确保你可以要求为需要的密码（如用户恢复一些内部活动任务，用户运行不只是当你通过启动器图标的应用程序）。

  

我想在这一个简短的教程

首先，这不是堆栈溢出是如何工作的。

二，SQLCipher为Android体面的覆盖面需要的​​多的多，可容纳在一个堆栈溢出的答案。我有在我的书这个问题的18页的一章为例。这个答案已经超过了Android的问题绝大多数，而我也不会责怪人们对关闭这个问题是过于宽泛。

  

我应该如何检查数据库加密

试着用，作为密码打开它使用SQLCipher为Android类。如果它成功打开，数据库是未加密的。如果失败，无论是数据库损坏或加密的，并且没有合适的密码，就无法分辨出来。

  

我怎么可以加密呢？

的基本方法是：

• 打开未加密的数据库

• 使用了附加 SQL语句要附加一个空文件，以作为新的加密数据库，提供您所需的密码，并将其命名为附加的数据库加密数据库会话中

• 运行 SELECT sqlcipher_export（'加密'）在打开的（未加密的）数据库，该数据库将数据从非加密数据库导出到加密一（除的数据库架构版本，这将在后面的步骤的处理）

• 呼叫的getVersion（）在开放（未加密的）数据库，并守住该值有点

• 关闭未加密的数据库

• 打开加密的数据库，用你的口令

• 呼叫 setVersion（）加密的数据库，提供的getVersion（）从缓存值未加密的数据库

• 关闭加密的数据库

• 如果需要，删除未加密的数据库，并重新命名加密之一的现在，删除未加密的一个名字，让您的转换似乎发生在地方

此实用工具方法实现了上面的方法：

 公共静态无效的加密（上下文ctxt，串DBNAME，
                             字符串密码）抛出IOException异常{
    文件originalFile = ctxt.getDatabasePath（数据库）;

    如果（originalFile.exists（））{
      文件NEWFILE =
          File.createTempFile（sqlcipherutils，TMP，
                              ctxt.getCacheDir（））;
      SQLiteDatabase DB =
          SQLiteDatabase.openDatabase（originalFile.getAbsolutePath（），
                                      ， 空值，
                                      SQLiteDatabase.OPEN_READWRITE）;

      db.rawExecSQL（的String.Format（附加数据库％s，因为加密的密钥％s的;
                                  newFile.getAbsolutePath（），密码））;
      db.rawExecSQL（选择sqlcipher_export（'加密'））;
      db.rawExecSQL（分离数据库加密;）;

      INT版本= db.getVersion（）;

      db.close（）;

      DB =
          SQLiteDatabase.openDatabase（newFile.getAbsolutePath（），
                                      密码，空，
                                      SQLiteDatabase.OPEN_READWRITE）;
      db.setVersion（版本）;
      db.close（）;

      originalFile.delete（）;
      newFile.renameTo（originalFile）;
    }
  }
 

在充分披露的利益，我没有尝试过这一段时间，所以有可能需要一些调整。

  

我应该这样做只有一次？

只有你能回答这个问题，因为这里没有人会知道很多关于你的应用程序。

  

当我加密我现有的未加密的数据库，请SQLCipher创建一个新的数据库？

是的。

  

如果是的，我应该怎么来管理这个新的？

只有你能回答这个问题，因为这里没有人会知道很多关于你的应用程序。

  

和那我的旧的数据库是加密的？是否仍然呆在那里？

是的，但我们欢迎您将其删除，如果当你用它做。

I have previously asked this question and have not got any appropriate answer.

I have an app published in the Play Store which makes heavy use of SQLite database.

Now I need to secure the database using SQLCipher. Here are some problems I am facing.

1) How can I seamlessly integrate SQLCipher with my existing unencrypted database, so that my app works as it works normally but now the databases are encrypted?

(I would like a short tutorial on this)

2) How should I check if the database is unencrypted and then how can I encrypt it? Should I do this only once? What should be the best practice?

(The possible duplicate doesn't answer this)

3) When I encrypt my existing unencrypted database, do SQLCipher create a new database? If yes, how should I be managing this new one? And what about my old database which is unencrypted? Does it still stay there?

(This explanation is also not provided in the duplicate question)

解决方案

How can I seamlessly integrate SQLCipher with my existing unencrypted database, so that my app works as it works normally but now the databases are encrypted?

You don't. Among other things, you have to adjust your UI to ask the user for a passphrase, and ensure that you can ask for that passphrase as needed (e.g., user resumes a task from some "inner" activity, not just when the user runs your app via a launcher icon).

I would like a short tutorial on this

First, that is not how Stack Overflow works.

Second, decent coverage of SQLCipher for Android takes much more than can fit in a single Stack Overflow answer. I have an 18-page chapter on the subject in my book, for example. This answer is already longer than the vast majority of Android questions, and I would not blame people for closing this question as being too broad.

How should I check if the database is unencrypted

Try opening it using the SQLCipher for Android classes with "" as the passphrase. If it opens successfully, the database is unencrypted. If that fails, either the database is corrupt or encrypted, and without the proper passphrase, you cannot tell the difference.

how can I encrypt it?

The basic approach is:

• Open the unencrypted database

• Use the ATTACH SQL statement to attach an empty file to serve as the new encrypted database, supplying your desired passphrase, and naming the attached database encrypted within your database session

• Run the SELECT sqlcipher_export('encrypted') in the open (unencrypted) database, which will export the data from the unencrypted database into the encrypted one (with the exception of the database schema version, which is handled in later steps)

• Call getVersion() on the open (unencrypted) database and hold onto that value for a bit

• Close the unencrypted database

• Open the encrypted database, using your passphrase

• Call setVersion() on the encrypted database, supplying the value you cached from getVersion() of the unencrypted database

• Close the encrypted database

• If desired, delete the unencrypted database and rename the encrypted one to the name of the now-deleted unencrypted one, so that your conversion appears to happen in place

This utility method implements the above approach:

  public static void encrypt(Context ctxt, String dbName,
                             String passphrase) throws IOException {
    File originalFile=ctxt.getDatabasePath(dbName);

    if (originalFile.exists()) {
      File newFile=
          File.createTempFile("sqlcipherutils", "tmp",
                              ctxt.getCacheDir());
      SQLiteDatabase db=
          SQLiteDatabase.openDatabase(originalFile.getAbsolutePath(),
                                      "", null,
                                      SQLiteDatabase.OPEN_READWRITE);

      db.rawExecSQL(String.format("ATTACH DATABASE '%s' AS encrypted KEY '%s';",
                                  newFile.getAbsolutePath(), passphrase));
      db.rawExecSQL("SELECT sqlcipher_export('encrypted')");
      db.rawExecSQL("DETACH DATABASE encrypted;");

      int version=db.getVersion();

      db.close();

      db=
          SQLiteDatabase.openDatabase(newFile.getAbsolutePath(),
                                      passphrase, null,
                                      SQLiteDatabase.OPEN_READWRITE);
      db.setVersion(version);
      db.close();

      originalFile.delete();
      newFile.renameTo(originalFile);
    }
  }

In the interests of full disclosure, I have not tried this in a while, and so there may need to be some tweaks.

Should I do this only once?

Only you can answer that, as nobody here is going to know much about your app.

When I encrypt my existing unencrypted database, do SQLCipher create a new database?

Yes.

If yes, how should I be managing this new one?

Only you can answer that, as nobody here is going to know much about your app.

And what about my old database which is unencrypted? Does it still stay there?

Yes, though you are welcome to delete it if and when you are done with it.

这篇关于使用SQLCipher与A​​ndroid的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！